CNS Unit-Ii

The document discusses various topics related to cryptography including symmetric key cryptography, block ciphers, DES, AES and their structure and design principles. It explains how symmetric key algorithms like DES use the same private key for encryption and decryption. It also discusses the block cipher design principles and provides details about the DES algorithm including its structure, key generation process and weaknesses. Furthermore, it explains the AES algorithm, its evolution criteria, structure involving different rounds of transformations and expanded key schedule.
UNIT-II(CRYPTOGRAPHY AND NETWORK SECURITY)

Symmetric Key Cryptography: Data Encryption Standard (DES), Advanced Encryption Standard (AES), Blowfish, IDEA, Block Cipher Modes of Operations.
Number Theory: Prime and Relatively Prime Numbers, Modular Arithmetic, Fermat's and Euler's Theorems, The Chinese Remainder Theorem, Discrete Logarithms.

WRITE ABOUT SECRET KEY CRYPTOGRAPHY.


It is also called private key encryption or symmetric encryption. The same key is used for both encryption and decryption. Encryption applies an algorithm to the data, using the private key, to make the data unintelligible.
The main disadvantage of secret key algorithms is the exchange of keys: this form of encryption is based on the exchange of the secret keys.

EXPLAIN ABOUT BLOCK CIPHER DESIGN PRINCIPLES.


Block ciphers treat a block of plaintext as a whole. In general the block size is 64 or 128 bits. They are more popular than stream ciphers and are mostly based on the Feistel cipher structure.

Block Cipher: A block cipher is a method of encrypting text in which a cryptographic key and algorithm are applied to a block of data at once rather than to one bit at a time. In general the block size may be 64 or 128 bits.
Ex: DES, AES, IDEA, Blowfish.

Stream Cipher: A stream cipher is a method of encrypting text in which a cryptographic key and algorithm are applied to each binary digit in a data stream, one bit at a time. This method is not much used in modern cryptography.
Ex: One-time pad, autokeyed Vigenère, Vernam cipher.

EXPLAIN ABOUT DES. (DATA ENCRYPTION STANDARD)

The Data Encryption Standard (DES) is a block cipher that was selected by the National
Bureau of Standards as an official Federal Information Processing Standard (FIPS) for the
United States in 1976. It is based on a symmetric-key algorithm that uses a 56-bit key. It takes a
fixed length string of plain text bits and transforms it through a series of complicated operations
into another cipher text bit string of the same length. In case of DES the block size is 64 bits.

Block Size : 64 bits
Key Size : 56 bits
No. of Rounds : 16

P SOLMON CSE DEPT, NIT. Page 1


STRUCTURE:

LEFT SIDE:
First the plaintext passes through an initial permutation (IP), which rearranges the bits and produces the permuted output. This is followed by a phase consisting of 16 rounds of the same function, which involves both permutation and substitution. The output of the last round consists of 64 bits. After the 16 rounds, the left and right halves of the output are swapped to produce the preoutput. Finally, the preoutput is passed through a permutation ($IP^{-1}$) that is the inverse of the initial permutation, to produce the 64-bit ciphertext.

RIGHT SIDE:
It shows the subkey generation process. Initially the key is passed through a permutation function. The permutation function is the same for all 16 rounds, but it produces different subkeys because of the repeated shifts of the key bits.
DETAILS OF SINGLE ROUND:
LEFT SIDE DIAGRAM:
The left and right halves of each 64-bit intermediate value are treated as separate 32-bit quantities, labeled L (left) and R (right).
$L_i = R_{i-1}$
$R_i = L_{i-1} \oplus F(R_{i-1}, K_i)$
The round key $K_i$ is 48 bits. The R input is 32 bits.
• This R input is first expanded to 48 bits using a table that defines a permutation plus an expansion that involves duplication of 16 of the R bits.
• The resulting 48 bits are XORed with $K_i$.
• These 48 bits pass through a substitution function that produces a 32-bit output.
• The substitution consists of a set of 8 S-boxes, each of which accepts 6 bits as input and produces 4 bits as output.
• These 32 bits pass through a permutation box and the result is XORed with the leftmost bits (the L input) of the corresponding round.

KEY GENERATION:
• The 56-bit key used as input to the algorithm is first subjected to a permutation governed by Permuted Choice One.
• The resulting 56-bit key is then treated as two 28-bit quantities, labeled $C_0$ and $D_0$.
• At each round, $C_{i-1}$ and $D_{i-1}$ are subjected to a circular left shift (rotation) of 1 or 2 bits, as governed by the DES key schedule calculation.
• These shifted values serve as input to the next round.
• Permuted Choice Two is applied to the shifted values to produce a 48-bit output that serves as input to the function F.

What is the strength of DES?
The use of 56-bit keys:
→ 56-bit keys have $2^{56} \approx 7.2 \times 10^{16}$ values
→ Brute force search looks hard
→ In 1999 the plaintext was recovered in 22 hours.
→ Still must be able to recognize plaintext
→ Now considering alternatives to DES.

The Nature of the DES Algorithm: Concern about the DES algorithm focuses on the eight substitution boxes (S-boxes) that are used in each iteration. Because the design criteria for these boxes, and indeed for the entire algorithm, were not made public, there is a suspicion that the boxes were constructed in such a way that cryptanalysis is possible for an opponent who knows the weaknesses in the S-boxes.
Timing Attacks: A timing attack is an example of an attack that exploits the implementation of
an algorithm rather than the algorithm itself.

EXPLAIN ABOUT AES-STRUCTURE

AES is a symmetric block cipher intended to replace DES for commercial applications. It uses
128 bit block size and a key size of 128, 192 or 256 bits. AES was published by National
Institute of Standards and Technology (NIST) in 2001.
EVALUATION CRITERIA:
Security: It refers to the effort that is required to cryptanalyze the algorithm. Because the key size for AES is 128 bits, brute-force attacks with current and projected technology were considered impractical.
Efficiency: NIST intended AES to be practical in a wide range of applications, so it must have high computational efficiency.
Algorithm and Implementation Characteristics: This includes flexibility, suitability for various hardware and software implementations, simplicity and security. The following criteria were used for the final evaluation.
General Security: Compared to DES, the amount of time and the number of cryptographers devoted to analysis are quite limited. So AES provides more security than the DES.
Software Implementations: The concern is execution speed, performance across a variety of platforms and variation of speed with key size.
Restricted Space Environments: The representation of the S-boxes is stored in RAM or ROM, and RAM is required for subkey storage.
Hardware Implementations: Like software, hardware implementations can be optimized for size and speed. In the case of hardware, size translates directly into cost, more than is usually the case for software implementations.
Attacks on Implementations: It deals with the various types of attacks that exploit the mathematical properties of the algorithms.
Encryption versus Decryption: It deals with the issues related to the considerations of both encryption and decryption.
Key agility: It refers to the ability to change keys quickly with a minimum of resources.
Other Versatility and Flexibility: It refers to the possibility of optimizing cipher elements.
Potential for Instruction Level Parallelism: It refers to the ability to exploit ILP features in current and future processors.

AES Cipher:
AES has the following parameters.

| Key size (words/bytes/bits) | 4/16/128 | 6/24/192 | 8/32/256 |
|---|---|---|---|
| Plaintext block size (words/bytes/bits) | 4/16/128 | 4/16/128 | 4/16/128 |
| Number of rounds | 10 | 12 | 14 |
| Round key size (words/bytes/bits) | 4/16/128 | 4/16/128 | 4/16/128 |
| Expanded key size (words/bytes) | 44/176 | 52/208 | 60/240 |


AES STRUCTURE

General structure

• The input to the encryption and decryption algorithms is a single 128-bit block. This block is depicted as a 4 × 4 square matrix of bytes.
• This block is copied into the State array, which is modified at each stage of encryption or decryption.
• After the final stage, State is copied to an output matrix. These operations are depicted in Figure 5.2a. Similarly, the key is depicted as a square matrix of bytes.
• This key is then expanded into an array of key schedule words. Figure 5.2b shows the expansion for the 128-bit key. Each word is four bytes, and the total key schedule is 44 words for the 128-bit key.
• The cipher consists of N rounds, where the number of rounds depends on the key length: 10 rounds for a 16-byte key, 12 rounds for a 24-byte key, and 14 rounds for a 32-byte key (Table 5.1).
• The first N-1 rounds consist of four distinct transformation functions: SubBytes, ShiftRows, MixColumns, and AddRoundKey, which are described subsequently. The final round contains only three transformations, and there is an initial single transformation (AddRoundKey) before the first round.

DETAILED AES STRUCTURE

AES consists of four separate functions in each round. They are:
• Substitution Byte
• Permutation / Shifting of rows
• Mixing of columns
• XOR with a key / Add round key

Substitution Byte:
Byte-by-byte substitution is done using an S-box. AES defines a 16 × 16 matrix of byte values, called an S-box, that contains a permutation of all possible 256 8-bit values.


Permutation/Shifting of rows:
This step performs a permutation by shifting rows. In encryption the transformation is called ShiftRows. In decryption the transformation is called InvShiftRows and the shifting is to the right.
A circular byte shift is applied in each row:
1st row is unchanged
2nd row does 1 byte circular shift to left
3rd row does 2 byte circular shift to left
4th row does 3 byte circular shift to left
Decrypt inverts using shifts to right


Mix Columns:
It is an inter-byte transformation that changes the bits inside a byte based on the bits inside the neighboring bytes. The bytes need to be mixed to provide diffusion at the bit level. The MixColumns transformation operates at the column level: it transforms each column of the state into a new column.

XOR with a key / Add round key


This operation uses a simple bitwise XOR of the current block with a portion of the expanded
key.

The input to the encryption and decryption algorithm is a 128-bit block. This block is copied into a state array. The state array is modified at each stage of encryption or decryption. After the final stage the output is copied into an output matrix. The 128-bit key is also depicted as a square matrix of bytes. This key is then expanded into an array of key schedule words. Each word is 4 bytes and the total key schedule is 44 words for the 128-bit key. The ordering of bytes within a matrix is by column. For example, the first 4 bytes of a 128-bit plaintext input to the encryption cipher occupy the first column of the in matrix, the second four bytes occupy the second column, and so on. Similarly, the first four bytes of the expanded key, which form a word, occupy the first column of the w matrix.
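
The column-major State layout and the ShiftRows, MixColumns and AddRoundKey steps described above, as an added Python example that is not part of the original notes. The MixColumns matrices and the field polynomial are taken from FIPS-197 rather than from this page, the input blocks are constructed test data, and SubBytes is left out because the page gives no S-box table.

```python
# Added illustration of the AES State layout, ShiftRows, MixColumns and
# AddRoundKey. Matrix constants and the field polynomial are from FIPS-197.

def to_state(block: bytes) -> list[list[int]]:
    """Copy a 16-byte block into the 4x4 State, column by column."""
    if len(block) != 16:
        raise ValueError("AES block must be 16 bytes")
    return [[block[r + 4 * c] for c in range(4)] for r in range(4)]

def from_state(state: list[list[int]]) -> bytes:
    """Copy the State back out to 16 bytes, again column by column."""
    return bytes(state[r][c] for c in range(4) for r in range(4))

def shift_rows(state):
    """Encryption: row r is rotated left by r bytes (row 0 is unchanged)."""
    return [row[r:] + row[:r] for r, row in enumerate(state)]

def inv_shift_rows(state):
    """Decryption: row r is rotated right by r bytes."""
    return [row[4 - r:] + row[:4 - r] for r, row in enumerate(state)]

def xtime(b: int) -> int:
    """Multiply a byte by x in GF(2^8), reducing by x^8 + x^4 + x^3 + x + 1."""
    b <<= 1
    return (b ^ 0x11B) if b & 0x100 else b

def gmul(a: int, b: int) -> int:
    """GF(2^8) product of two bytes (shift-and-add)."""
    result = 0
    while b:
        if b & 1:
            result ^= a
        a = xtime(a)
        b >>= 1
    return result

MIX = [[2, 3, 1, 1], [1, 2, 3, 1], [1, 1, 2, 3], [3, 1, 1, 2]]
INV_MIX = [[14, 11, 13, 9], [9, 14, 11, 13], [13, 9, 14, 11], [11, 13, 9, 14]]

def mix_columns(state, matrix=MIX):
    """Each output column is the matrix times the input column over GF(2^8)."""
    out = [[0] * 4 for _ in range(4)]
    for c in range(4):
        for r in range(4):
            for k in range(4):
                out[r][c] ^= gmul(matrix[r][k], state[k][c])
    return out

def add_round_key(state, round_key: bytes):
    """Bitwise XOR of the State with one 16-byte portion of the expanded key."""
    rk = to_state(round_key)
    return [[state[r][c] ^ rk[r][c] for c in range(4)] for r in range(4)]

def diffusion_after(rounds: int) -> int:
    """Number of output bytes that differ after `rounds` of ShiftRows followed
    by MixColumns, for two constructed blocks that differ in a single byte."""
    a = to_state(bytes(16))
    b = to_state(bytes([0x01]) + bytes(15))
    for _ in range(rounds):
        a = mix_columns(shift_rows(a))
        b = mix_columns(shift_rows(b))
    return sum(x != y for x, y in zip(from_state(a), from_state(b)))
```

A one-byte difference spreads to one full column after the first round and to the whole State after the second, which is the diffusion the Mix Columns paragraph refers to.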

AES Single Round:

AES Key Expansion:


→ It takes the 128-bit key and expands it into an array of 44/52/60 32-bit words.


EXPLAIN ABOUT TRIPLE DES.
Triple DES was first proposed by Tuchman and first standardized for use in financial applications. In cryptography, Triple DES (3DES) is the common name for the Triple Data Encryption Algorithm (TDEA) block cipher, which applies the Data Encryption Standard (DES) cipher algorithm three times to each data block. Because of the availability of increasing computational power, the key size of the original DES cipher was becoming subject to brute force attacks; Triple DES was designed to provide a relatively simple method of increasing the key size of DES to protect against such attacks, without designing a completely new block cipher algorithm.
Ciphertext = $E_{K3}(D_{K2}(E_{K1}(\text{Plaintext})))$
Where,
$E_K[X]$ = encryption of X using key K
$D_K[Y]$ = decryption of Y using key K

Decryption is simply the same operation with the keys reversed.

Plaintext = $D_{K1}(E_{K2}(D_{K3}(\text{Ciphertext})))$

With three distinct keys, TDES has an effective key length of 168 bits. FIPS (Federal Information Processing Standards) also allows for the use of two keys with K1 = K3. This provides a key length of 112 bits. FIPS includes the following guidelines for TDES.
TDES is the FIPS-approved conventional encryption algorithm.
Government organizations with DES systems are encouraged to transition to TDES.
It is anticipated that TDES and AES will coexist as FIPS-approved algorithms, allowing for a gradual transition to AES.


EXPLAIN ABOUT INTERNATIONAL DATA ENCRYPTION ALGORITHM (IDEA)
• IDEA (International Data Encryption Algorithm) is a symmetric block cipher algorithm.
• IDEA was developed by Lai and James of the Swiss Federal Institute of Technology in 1991.
• IDEA uses a 128-bit key, which is divided into 52 subkeys.
• IDEA uses a 64-bit plaintext block.
• There are 8 identical rounds, and 6 keys are used in each round (6 × 8 = 48 keys).
• In the last round the remaining 4 keys are used, in both the encryption and decryption process.
• It was meant to be a replacement for the DES algorithm.

Design Issues:
• IDEA does not use S-boxes.
• IDEA relies on three different mathematical operations:
  • XOR
  • Binary addition of 16-bit integers
  • Binary multiplication of 16-bit integers
• These functions are combined to produce a complex transformation that is very difficult to cryptanalyze.

Key Generation Process:

• The 128-bit key is divided into 8 subparts of 16 bits each.
• Then the 128-bit key is left-shifted by 25 bit positions, which generates a new 128-bit key.
• This new key is divided into 8 subparts, which are used in the next round.
• The same process is performed 9 times.


Understanding IDEA Algorithm in Detail

The 64-bit input plaintext block is divided into 4 parts (16 bits each), denoted p1 to p4.
• Therefore, p1 to p4 are the inputs for the initial round of the algorithm.
• There are 8 such rounds.
• The key is made up of 128 bits.
• In each round, 6 subkeys are produced.
• Each of the subkeys consists of 16 bits.
• All these subkeys are applied to the 4 input blocks p1 to p4.
• The last step is the Output Transformation, which uses just 4 subkeys.
• The final result is 4 blocks of ciphertext, C1 to C4 (each of 16 bits).
• They are combined to create the final 64-bit ciphertext block.


Sequence of operation in last round:

Encryption:
• The 64-bit plaintext is divided into four 16-bit blocks, which are taken as input to the first round.
• The first round output is taken as input for the second round.
• The same process is repeated for all the subsequent 8 encryption rounds.
• The 9th round uses 4 keys and performs different operations.
Decryption:
• The process of decryption is the same as the process used for encryption.
• The difference is that the keys used for decryption are the inverses of the keys used during encryption.

Applications:
• Financial and commercial data
• E-Mail
• Smart Cards, etc.

EXPLAIN ABOUT BLOWFISH.


It is a symmetric block cipher encryption algorithm designed by Bruce in 1993.
It is one of the fastest block ciphers in public use.
It is a general purpose algorithm intended as replacement for the DES algorithm.
Block size is 64 bits and key size is from 32 bits to 448 bits and number of rounds is 16.
It is designed to be easy to implement and to have a high execution speed.
It uses S-boxes and the XOR function. Blowfish uses dynamic S-boxes that are generated by repeated application of the Blowfish algorithm. A total of 521 executions are required to produce the subkeys and S-boxes.

Description of the Algorithm:


Blowfish is a symmetric block cipher algorithm which encrypts 64 bits at a time. It follows a Feistel network.
Key expansion:
The P-array consists of 18 32-bit subkeys (576 bits), i.e., P1, P2, …, P18.

Four 32-bit S-boxes consist of 256 entries each (S1, S2, S3, S4).

1. Initialize the P-array and the four S-boxes with a fixed string, which contains hexadecimal digits.
2. XOR P1 with the first 32 bits of the key, XOR P2 with the second 32 bits of the key, XOR P3 with the third 32 bits of the key, and so on until the entire P-array has been XORed with the key bits.
3. Encrypt the all-zero string with the Blowfish algorithm, using the subkeys generated in steps 1 and 2.
4. Replace P1 and P2 with the output obtained in step 3.
5. Encrypt the output of step 3 using the Blowfish algorithm with the modified subkeys.
6. Replace P3 and P4 with the output of step 5.
7. Continue the same process until all the entries in the P-array are replaced, and then all the S-boxes, with the output of the continuously changing Blowfish algorithm.

A total of 521 iterations are required to generate all required subkeys.

Encryption:
It has 16 rounds, and each round consists of a key-dependent permutation and a key- and data-dependent substitution. All operations are XORs and additions on 32-bit words.


Algorithm:

Blowfish encryption divides the plaintext into two 32-bit halves: xL, xR

For i = 1 to 16:
    xL = xL XOR Pi
    xR = F(xL) XOR xR
    Swap xL and xR

Swap xL and xR (undo the last swap)
xR = xR XOR P17
xL = xL XOR P18
Recombine xL and xR

Decryption:
Decryption is exactly the same as encryption, except that P1, P2, …, P18 are used in the reverse order.
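
The 16-round structure above, and the Feistel round of the DES section, as an added Python example that is not part of the original notes and is not real Blowfish. The P-array here is a constructed stand-in derived from a hash of the key, and `f` is a hypothetical round function that is deliberately not invertible, to show that decryption still works when the same routine is run with P1…P18 reversed.

```python
# Added illustration: the Blowfish Feistel skeleton with a constructed P-array
# and a stand-in F. Real Blowfish derives P1..P18 and the S-boxes used by F
# from the key expansion described above; nothing here is the real cipher.
import hashlib

MASK32 = 0xFFFFFFFF

def make_p_array(key: bytes) -> list[int]:
    """Constructed 18-entry P-array (P1..P18) taken from a hash of the key."""
    stream = hashlib.shake_256(key).digest(18 * 4)
    return [int.from_bytes(stream[i:i + 4], "big") for i in range(0, 72, 4)]

def f(x: int) -> int:
    """Stand-in round function on a 32-bit word. It throws away 8 bits of its
    output, so it cannot be inverted; the Feistel structure does not need it to be."""
    digest = hashlib.sha256(x.to_bytes(4, "big")).digest()
    return int.from_bytes(digest[:4], "big") & 0xFFFFFF00

def feistel(block: int, p: list[int]) -> int:
    """Run the 16 rounds plus the final P17/P18 step on one 64-bit block."""
    xl, xr = (block >> 32) & MASK32, block & MASK32
    for i in range(16):
        xl ^= p[i]               # xL = xL XOR Pi
        xr ^= f(xl)              # xR = F(xL) XOR xR
        xl, xr = xr, xl          # swap
    xl, xr = xr, xl              # undo the last swap
    xr ^= p[16]                  # xR = xR XOR P17
    xl ^= p[17]                  # xL = xL XOR P18
    return (xl << 32) | xr

def encrypt(block: int, p: list[int]) -> int:
    return feistel(block, p)

def decrypt(block: int, p: list[int]) -> int:
    """Same routine, subkeys in reverse order (P18 first, P1 last)."""
    return feistel(block, p[::-1])
```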

EXPLAIN ABOUT CAST-128.

CAST-128 is a symmetric key block cipher and has also been approved for Government of Canada use by the Communications Security Establishment.
CAST-128 is a 12 or 16-round Feistel network with a 64-bit block size and a key size of between 40 and 128 bits (but only in 8-bit increments).
The full 16 rounds are used when the key size is longer than 80 bits. Components include large 8×32-bit S-boxes based on bent functions (a special type of Boolean function), key-dependent rotations, modular addition, subtraction and XOR operations. There are three alternating types of round function, but they are similar in structure and differ only in the choice of the exact operation (addition, subtraction or XOR) at various points.

EXPLAIN ABOUT VARIOUS BLOCK CIPHER MODES OF OPERATIONS WITH NEAT DIAGRAMS.
• The DES algorithm is a basic building block for providing data security.
• To apply DES in a variety of applications, four “modes of operation” have been defined.
• These four modes are intended to cover virtually all the possible applications of encryption for which DES could be used.
Types of Block cipher modes
• Electronic Codebook Mode
• Cipher Block Chaining Mode
• Cipher Feedback Mode
• Output Feedback Mode
• Counter Mode
Electronic Codebook Mode
The simplest mode is the electronic codebook (ECB) mode, in which plaintext is handled 64 bits
at a time and each block of plaintext is encrypted using the same key.
The term codebook is used because, for a given key, there is a unique ciphertext for every 64-bit
block of plaintext.

For a message longer than 64 bits, the procedure is simply to break the message into 64-bit blocks, padding the last block if necessary.

Decryption is performed one block at a time, always using the same key.

In the above Figure, the plaintext (padded as necessary) consists of a sequence of 64-bit blocks,
P1, P2, ..., PN; the corresponding sequence of ciphertext blocks is C1, C2, ….,CN.
The ECB method is ideal for a short amount of data, such as an encryption key, thus, if you want
to transmit a DES key securely, ECB is the appropriate mode to use.
The most significant characteristic of ECB is that the same 64-bit block of plaintext, if it appears
more than once in the message, always produces the same ciphertext.
For lengthy messages, the ECB mode may not be secure.

Cipher Block Chaining Mode


To overcome the security deficiencies of ECB, we would like a technique in which the same plaintext block, if repeated, produces different ciphertext blocks. A simple way to satisfy this requirement is the cipher block chaining (CBC) mode. In this scheme, the input to the encryption algorithm is the XOR of the current plaintext block and the preceding ciphertext block; the same key is used for each block.
For decryption, each cipher block is passed through the decryption algorithm. The result is XORed with the preceding ciphertext block to produce the plaintext block.
To produce the first block of ciphertext, an initialization vector (IV) is XORed with the first block of plaintext.
The IV must be known to both the sender and receiver. For maximum security, the IV should be protected as well as the key.

Cipher Feedback Mode


The DES scheme is essentially a block cipher technique that uses 64-bit blocks. However, it is
possible to convert DES into a stream cipher, using either the cipher feedback (CFB) or the
output feedback mode.
A stream cipher eliminates the need to pad a message to be an integral number of blocks. It also
can operate in real time. If a character stream is being transmitted, each character can be
encrypted and transmitted immediately using a character-oriented stream cipher.

In the Figure, it is assumed that the unit of transmission is s bits; a common value of s is 8. In CBC the units of plaintext are chained together, but in CFB the plaintext is divided into segments of s bits rather than units of 64 bits.

The input to the encryption function is a 64-bit shift register that is initially set to some initialization vector (IV). The leftmost s bits of the output of the encryption function are XORed with the first segment of plaintext P1 to produce the first unit of ciphertext C1, which is then transmitted. In addition, the contents of the shift register are shifted left by s bits and C1 is placed in the rightmost (least significant) s bits of the shift register. This process continues until all plaintext units have been encrypted.
For decryption, the same scheme is used, except that the received ciphertext unit is XORed with
the output of the encryption function to produce the plaintext unit. Note that it is the encryption
function that is used, not the decryption function.
Output Feedback Mode
The output feedback (OFB) mode is similar in structure to that of CFB. As can be seen, it is the
output of the encryption function that is fed back to the shift register in OFB, whereas in CFB
the ciphertext unit is fed back to the shift register.
One advantage of the OFB method is that bit errors in transmission do not propagate. For
example, if a bit error occurs in C1, only the recovered value of P1 is affected; subsequent
plaintext units are not corrupted. With CFB, C1 also serves as input to the shift register and
therefore causes additional corruption downstream.
The disadvantage of OFB is that it is more vulnerable to a message stream modification attack than is CFB. Consider that complementing a bit in the ciphertext complements the corresponding bit
in the recovered plaintext. Thus, controlled changes to the recovered plaintext can be made. This
may make it possible for an opponent, by making the necessary changes to the checksum portion
of the message as well as to the data portion, to alter the ciphertext in such a way that it is not
detected by an error-correcting code.

Counter Mode:
In CTR mode a counter equal in size to the plaintext block is used. The only requirement is that the counter value must be different for each plaintext block that is encrypted. Typically, the counter is initialized to some value and then incremented by 1 for each subsequent block. For encryption, the counter is encrypted and then XORed with the plaintext block to produce the ciphertext block; there is no chaining. For decryption, the same sequence of counter values is used, with each encrypted counter XORed with a ciphertext block to recover the corresponding plaintext block.
Advantages:
• Hardware efficiency
• Software efficiency
• Preprocessing
• Random access
• Provable security
• Simplicity

Figure. Counter (CTR) Model
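
The five modes described above, as an added Python example that is not part of the original notes. `E` and `D` are a toy 4-round Feistel permutation on 64-bit blocks standing in for DES (the standard library has no DES), and the key, IV and message are constructed; the functions show that ECB repeats ciphertext for repeated plaintext blocks while CBC does not, and how a changed ciphertext bit shows up after decryption in OFB, CFB and CBC.

```python
# Added illustration. E/D: toy Feistel permutation standing in for DES.
# KEY, IV and MSG are constructed sample values.
import hashlib

BLOCK = 8  # bytes, i.e. the 64-bit block size of DES

def xor(a: bytes, b: bytes) -> bytes:
    return bytes(x ^ y for x, y in zip(a, b))

def _f(key: bytes, half: bytes, i: int) -> bytes:
    return hashlib.sha256(key + bytes([i]) + half).digest()[:4]

def E(key: bytes, block: bytes) -> bytes:
    l, r = block[:4], block[4:]
    for i in range(4):
        l, r = r, xor(l, _f(key, r, i))
    return l + r

def D(key: bytes, block: bytes) -> bytes:
    l, r = block[:4], block[4:]
    for i in reversed(range(4)):
        l, r = xor(r, _f(key, l, i)), l
    return l + r

def blocks(data: bytes) -> list[bytes]:
    return [data[i:i + BLOCK] for i in range(0, len(data), BLOCK)]

def ecb_encrypt(key, pt):
    return b"".join(E(key, b) for b in blocks(pt))

def cbc_encrypt(key, iv, pt):
    out, prev = [], iv
    for b in blocks(pt):
        prev = E(key, xor(b, prev))      # XOR with preceding ciphertext block
        out.append(prev)
    return b"".join(out)

def cbc_decrypt(key, iv, ct):
    out, prev = [], iv
    for c in blocks(ct):
        out.append(xor(D(key, c), prev))
        prev = c
    return b"".join(out)

def cfb8(key, iv, data, decrypt=False):
    """CFB with s = 8: the ciphertext byte is shifted into the register.
    Only E is used, for both directions."""
    reg, out = iv, bytearray()
    for byte in data:
        res = E(key, reg)[0] ^ byte      # leftmost s bits of E's output
        out.append(res)
        reg = reg[1:] + bytes([byte if decrypt else res])
    return bytes(out)

def ofb(key, iv, data):
    """OFB with full-block feedback: E's output, not the ciphertext, is fed back.
    Encryption and decryption are the same operation."""
    reg, out = iv, bytearray()
    for b in blocks(data):
        reg = E(key, reg)
        out += xor(b, reg)
    return bytes(out)

def ctr(key, start, data):
    """CTR: encrypt start, start+1, ... and XOR; same operation both ways."""
    out = bytearray()
    for i, b in enumerate(blocks(data)):
        counter = ((start + i) % 2**64).to_bytes(BLOCK, "big")
        out += xor(b, E(key, counter))
    return bytes(out)

def repeated_blocks(ct: bytes) -> int:
    """How many ciphertext blocks duplicate an earlier block."""
    bl = blocks(ct)
    return len(bl) - len(set(bl))

def flip_bit(data: bytes, index: int, mask: int = 0x01) -> bytes:
    return data[:index] + bytes([data[index] ^ mask]) + data[index + 1:]

KEY = b"constructed key"
IV = bytes.fromhex("0123456789abcdef")
MSG = b"PAY 100 " * 3 + b"TO ALICE"     # three identical 8-byte blocks

def ofb_after_bit_flip() -> bytes:
    """Decrypt an OFB ciphertext whose byte 4 had its low bit complemented."""
    return ofb(KEY, IV, flip_bit(ofb(KEY, IV, MSG), 4))
```

`ofb_after_bit_flip()` returns the message with only that one bit changed, which is why a keystream mode needs a separate integrity check such as a MAC to detect modification.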

NUMBER THEORY
Prime and Relatively Prime Numbers:
An integer p > 1 is a prime number if and only if its only divisors are ±1 and ±p.

Relative Prime Numbers

Two numbers are said to be relatively prime when they share no factors in common other than one.
Two integers a and b are relatively prime if gcd(a, b) = 1.
Example-1:
• 15 and 28 are relatively prime numbers
15 = the factors are (1, 3, 5)
28 = the factors are (1, 2, 4, 7)
• 7 and 20 are relatively prime numbers
• 12 and 13 are relatively prime numbers
Example-2:
• 18 = 2 x 3 x 3
• 35 = 7 x 5
• So 18 and 35 are relatively prime numbers.
• 18 = 2 x 3 x 3
• 21 = 3 x 7
• 3 is a common factor of both 18 and 21, so 18 and 21 are not relatively prime numbers.

MODULAR ARITHMETIC:

If n and a are any two positive integers and we divide a by n, we get an integer quotient q and an integer remainder r that obey the following condition.
$a = qn + r, \quad 0 \le r < n, \quad q = \lfloor a/n \rfloor$
Ex:
a = 11, n = 7
q = ⌊11/7⌋ = 1, r = 11 mod 7 = 4
a = qn + r
= (1 x 7) + 4
= 7 + 4
= 11
If n is a positive integer and a is an integer, then we define a mod n. The integer n is called the modulus.
$a = \lfloor a/n \rfloor \times n + (a \bmod n)$

Ex: 11 mod 7 = 4 and -11 mod 7 = 3

Two integers a and b are said to be congruent modulo n if and only if
(a mod n) = (b mod n).
This is written as $a \equiv b \pmod{n}$. For example, $73 \equiv 4 \pmod{23}$:
73 mod 23 = 4
4 mod 23 = 4
So 73 and 4 are congruent modulo 23.

Modular arithmetic operations:


Properties:

| Property | Expression |
|---|---|
| Commutative Laws | (a + b) mod n = (b + a) mod n |
| | (a * b) mod n = (b * a) mod n |
| Associative Laws | [(a + b) + c] mod n = [a + (b + c)] mod n |
| | [(a * b) * c] mod n = [a * (b * c)] mod n |
| Distributive Law | [a * (b + c)] mod n = [(a * b) + (a * c)] mod n |
| Identities | (0 + a) mod n = a mod n |
| | (1 * a) mod n = a mod n |

FERMAT'S THEOREM
This theorem plays an important role in public key cryptography. It states that if p is a prime and a is a positive integer not divisible by p, then $a^{p-1} \equiv 1 \pmod{p}$. This theorem is also known as Fermat's little theorem. It is used in RSA and primality testing.
Proof:
Consider the set of positive integers less than p: P = {1, 2, …, p-1}.
Multiply each element by a, modulo p, to get the set X = {a mod p, 2a mod p, …, (p-1)a mod p}.
None of the elements of X is equal to zero, because p does not divide a, and no two of the integers in X are equal.
To see this, assume that $ja \equiv ka \pmod{p}$, where $1 \le j < k \le p-1$. Because a is relatively prime to p, we can eliminate a from both sides:
$j \equiv k \pmod{p}$
This last equality is impossible, because j and k are both positive integers less than p. So the (p-1) elements of X are all positive integers, with no two elements equal. X therefore consists of the same integers as P in some order; multiplying the elements of both sets and taking the result mod p gives
$a \times 2a \times \cdots \times (p-1)a \equiv [1 \times 2 \times 3 \times \cdots \times (p-1)] \pmod{p}$
$a^{p-1} \equiv 1 \pmod{p}$
Example: a = 7, p = 19
$7^2 = 49 \equiv 11 \pmod{19}$
$7^4 \equiv 121 \equiv 7 \pmod{19}$
$7^8 \equiv 49 \equiv 11 \pmod{19}$
$7^{16} \equiv 121 \equiv 7 \pmod{19}$
$a^{p-1} = 7^{18} = 7^{16} \times 7^2 \equiv 7 \times 11 \equiv 1 \pmod{19}$

EULER’S TOTIENT THEOREM:


Euler's totient function $\Phi(n)$ is defined as the number of positive integers less than n that are relatively prime to n.
$\Phi(1) = 1$
Example: Determine $\Phi(35)$
To determine $\Phi(35)$ we list all the positive integers less than 35 that are relatively prime to it:
1, 2, 3, 4, 6, 8, 9, 11, 12, 13, 16, 17, 18, 19, 22, 23, 24, 26, 27, 29, 31, 32, 33, 34
$\Phi(35) = 24$
For a prime number p, $\Phi(p) = p - 1$.
Suppose we have two prime numbers p and q with p ≠ q, and n = pq. Then
$\Phi(n) = \Phi(pq)$
$= \Phi(p) \times \Phi(q)$
$= (p-1) \times (q-1)$

Euler's theorem states that for every a and n that are relatively prime, $a^{\Phi(n)} \equiv 1 \pmod{n}$.
Example: a = 3, n = 10, $\Phi(10) = 4$
$a^{\Phi(n)} = 3^4 = 81 \equiv 1 \pmod{10}$, that is, $\equiv 1 \pmod{n}$
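
The repeated-squaring calculation of the Fermat example and the totient count of the Euler example, as an added Python example that is not part of the original notes. The check on 561 goes beyond the page's text: it shows that the Fermat condition is necessary for primality but not sufficient, which matters when the theorem is used for primality testing.

```python
# Added illustration of Fermat's and Euler's theorems with the page's numbers.
from math import gcd

def power_mod(a: int, e: int, n: int) -> tuple[int, list[int]]:
    """Square-and-multiply. Returns (a^e mod n, [a^1, a^2, a^4, ... mod n]),
    the same squarings the worked example writes out for 7^18 mod 19."""
    result, square, squares = 1, a % n, []
    while e:
        squares.append(square)
        if e & 1:                      # this power of two is in the exponent
            result = result * square % n
        square = square * square % n
        e >>= 1
    return result, squares

def phi(n: int) -> int:
    """Euler's totient by direct count, as in the phi(35) example."""
    if n == 1:
        return 1
    return sum(1 for k in range(1, n) if gcd(k, n) == 1)

def fermat_passes(n: int, a: int) -> bool:
    """True if a^(n-1) = 1 (mod n). Every prime n passes for every base a
    not divisible by n; a composite n may pass as well."""
    return pow(a, n - 1, n) == 1

def fermat_liars(n: int) -> int:
    """Number of bases 1 <= a < n for which n passes the Fermat condition."""
    return sum(1 for a in range(1, n) if fermat_passes(n, a))

def euler_holds(a: int, n: int) -> bool:
    """Check a^phi(n) = 1 (mod n); only claimed when gcd(a, n) = 1."""
    if gcd(a, n) != 1:
        raise ValueError("Euler's theorem requires gcd(a, n) = 1")
    return power_mod(a, phi(n), n)[0] == 1
```

561 = 3 × 11 × 17 is composite, yet `fermat_passes(561, a)` is true for every base relatively prime to it, so a primality test built only on Fermat's theorem accepts it.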

THE CHINESE REMAINDER THEOREM (CRT)


Let $m_1, m_2, \ldots, m_n$ be pairwise relatively prime positive integers and let $b_1, b_2, \ldots, b_n$ be any integers. Then the system of linear congruences in one variable given by
$x \equiv b_1 \pmod{m_1}$
$x \equiv b_2 \pmod{m_2}$
$\vdots$
$x \equiv b_n \pmod{m_n}$
has a unique solution modulo $m_1 m_2 \cdots m_n$.
Proof:
We first construct a solution to the given system of linear congruences in one variable. Let $M = m_1 m_2 \cdots m_n$ and, for i = 1, 2, …, n, let $M_i = M/m_i$. Now $(M_i, m_i) = 1$ for each i. So $M_i x_i \equiv 1 \pmod{m_i}$ has a solution for each i by Corollary. Form

$x = b_1 M_1 x_1 + b_2 M_2 x_2 + \cdots + b_n M_n x_n$
Note that x is a solution of the desired system since, for i = 1, 2, …, n,
$x = b_1 M_1 x_1 + b_2 M_2 x_2 + \cdots + b_i M_i x_i + \cdots + b_n M_n x_n \equiv 0 + 0 + \cdots + b_i + \cdots + 0 \pmod{m_i}$
$\equiv b_i \pmod{m_i}$

It remains to show the uniqueness of the solution modulo M. Let x' be another solution of the given system of linear congruences in one variable. Then, for all i, we have $x' \equiv b_i \pmod{m_i}$; so, for all i, $x \equiv x' \pmod{m_i}$ or, equivalently, $m_i \mid x - x'$ for all i. Then $M \mid x - x'$, from which $x \equiv x' \pmod{M}$. The proof is complete.

Note that the proof of the CRT shows the existence and uniqueness of the claimed solution modulo M by actually constructing this solution. Such a proof is said to be constructive; the advantage of constructive proofs is that they yield a procedure or algorithm for obtaining the desired quantity. We now use the procedure motivated in the proof of the theorem to solve a system of linear congruences in one variable.
Example:
$x \equiv 2 \pmod{3}$
$x \equiv 1 \pmod{4}$
$x \equiv 3 \pmod{5}$
M = 3 · 4 · 5 = 60
M1 = 60/3 = 20
M2 = 60/4 = 15
M3 = 60/5 = 12
M1 = 20, m1 = 3
Solve $20 x_1 \equiv 1 \pmod{3}$
$2 x_1 \equiv 1 \pmod{3}$

M2 = 15, m2 = 4
Solve $15 x_2 \equiv 1 \pmod{4}$
$3 x_2 \equiv 1 \pmod{4}$

M3 = 12, m3 = 5
Solve $12 x_3 \equiv 1 \pmod{5}$
$2 x_3 \equiv 1 \pmod{5}$

$x = b_1 M_1 x_1 + b_2 M_2 x_2 + b_3 M_3 x_3$
= 2(20)(2) + 1(15)(3) + 3(12)(3) = 233
$\equiv 53 \pmod{60}$

So any positive integer congruent to 53 mod 60 is a solution to the system.
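
The constructive procedure from the proof, as an added Python example that is not part of the original notes. The function and variable names are chosen here; it reproduces the worked example and rejects moduli that are not pairwise relatively prime, the case the theorem does not cover.

```python
# Added illustration: the CRT construction x = sum(b_i * M_i * x_i) mod M.
from math import gcd, prod

def crt(residues: list[int], moduli: list[int]) -> tuple[int, int, int]:
    """Solve x = b_i (mod m_i) for all i.
    Returns (x mod M, M, unreduced sum) so the intermediate value is visible."""
    if not moduli or len(residues) != len(moduli):
        raise ValueError("need one residue per modulus")
    for i in range(len(moduli)):
        for j in range(i + 1, len(moduli)):
            if gcd(moduli[i], moduli[j]) != 1:
                raise ValueError(
                    f"moduli {moduli[i]} and {moduli[j]} are not relatively prime")
    M = prod(moduli)
    total = 0
    for b, m in zip(residues, moduli):
        Mi = M // m
        xi = pow(Mi, -1, m)       # solves Mi * xi = 1 (mod m); Python 3.8+
        total += b * Mi * xi
    return total % M, M, total

def satisfies(x: int, residues: list[int], moduli: list[int]) -> bool:
    """Check a candidate against every congruence of the system."""
    return all(x % m == b % m for b, m in zip(residues, moduli))

def all_solutions_below(limit: int, residues, moduli) -> list[int]:
    """Brute-force search, used only to confirm uniqueness modulo M."""
    return [x for x in range(limit) if satisfies(x, residues, moduli)]
```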

DISCRETE LOGARITHMS
Discrete logarithms are fundamental to a number of public key algorithms.
The powers of an integer, modulo n:
According to Euler's theorem, $a^{\Phi(n)} \equiv 1 \pmod{n}$,
where $\Phi(n)$ is Euler's totient function, which represents the number of positive integers less than n that are relatively prime to n.
$a^m \equiv 1 \pmod{n}$, where $m = \Phi(n)$

The following table shows the powers of a modulo 19 for all positive a < 19.

All sequences end with 1.
The length of a sequence divides $\Phi(19) = 18$.
Some of the sequences are of length 18. In this case, it is said that the base integer a generates the set of nonzero integers modulo 19. Each such integer is called a primitive root of the modulus 19.

The highest possible exponent to which a number can belong (mod n) is $\Phi(n)$. If a number is of this order, it is referred to as a primitive root of n. The importance of this notion is that if a is a primitive root of n, then its powers
$a, a^2, \ldots, a^{\Phi(n)}$
are distinct (mod n) and are all relatively prime to n. In particular, for a prime number p, if a is a primitive root of p, then
$a, a^2, \ldots, a^{p-1}$
are distinct (mod p). For the prime number 19, the primitive roots are 2, 3, 10, 13, 14 and 15.

Logarithms for modular arithmetic:


For ordinary positive real numbers, the logarithm function is the inverse of exponentiation.
Logarithm properties:
The logarithm of a number is defined to be the power to which some positive base (except 1) must be raised in order to equal the number. That is, for base x and for a value y:
$y = x^{\log_x(y)}$
$\log_x(1) = 0$
$\log_x(x) = 1$
$\log_x(yz) = \log_x(y) + \log_x(z)$
$\log_x(y^r) = r \times \log_x(y)$
Consider a primitive root a for some number p. Then we know that the powers of a from 1 through (p-1) produce each integer from 1 through (p-1) exactly once. We also know that any integer b satisfies
$b \equiv r \pmod{p}$ for some r, where $0 \le r \le p-1$.
By the definition of modular arithmetic, it follows that for any integer b and a primitive root a of a prime number p, we can find a unique exponent i such that
$b \equiv a^i \pmod{p}$, where $0 \le i \le p-1$.
This exponent i is referred to as the discrete logarithm of the number b for the base a (mod p). We denote this value as $\mathrm{dlog}_{a,p}(b)$.
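
The orders, primitive roots and discrete logarithms modulo 19 discussed above, as an added Python example that is not part of the original notes. The baby-step giant-step routine goes beyond the page: it is a standard general method that finds a discrete logarithm in about √p steps instead of p, and the larger modulus 1000003 is a sample value chosen here. The table uses exponents 1 through p-1, so the logarithm of 1 is p-1.

```python
# Added illustration: powers modulo a prime, primitive roots, discrete logs.
from math import isqrt

def order(a: int, n: int) -> int:
    """Length of the sequence a, a^2, ... up to the first 1 (mod n).
    Requires gcd(a, n) = 1, otherwise 1 is never reached."""
    k, x = 1, a % n
    while x != 1:
        x = x * a % n
        k += 1
    return k

def primitive_roots(p: int) -> list[int]:
    """Bases whose sequence of powers has the full length p - 1 (p prime)."""
    return [a for a in range(1, p) if order(a, p) == p - 1]

def dlog_table(a: int, p: int) -> dict[int, int]:
    """Map each b in 1..p-1 to the exponent i (1 <= i <= p-1) with a^i = b (mod p)."""
    table, x = {}, 1
    for i in range(1, p):
        x = x * a % p
        table[x] = i
    if len(table) != p - 1:
        raise ValueError(f"{a} is not a primitive root of {p}")
    return table

def bsgs(a: int, b: int, p: int):
    """Baby-step giant-step: returns some i >= 0 with a^i = b (mod p), or None.
    Uses about sqrt(p) multiplications and sqrt(p) stored values."""
    m = isqrt(p - 1) + 1
    baby, x = {}, 1
    for j in range(m):                 # baby steps: a^j for j = 0..m-1
        baby.setdefault(x, j)
        x = x * a % p
    factor = pow(a, -m, p)             # a^(-m) mod p; Python 3.8+
    gamma = b % p
    for i in range(m):                 # giant steps: b * a^(-i*m)
        if gamma in baby:
            return i * m + baby[gamma]
        gamma = gamma * factor % p
    return None
```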
Example:

IMPORTANT QUESTIONS
1) Explain About DES With A Neat Diagram.
2) Explain About Various Modes Of Operations With Neat Diagrams.
3) Explain About AES.
4) Explain About IDEA And Triple DES.
5) Write About Key Expansion In Blowfish.
6) Number Theory All Algorithms.
